I have Nginx running as a reverse proxy in front of Apache Guacamole. Everything works fine when I access it by IP address at XX.XX.XX.XX:8443. However, I can't reach it by the server_name, at "www.trainingserver1.com:8443". Here is the mysite.template file:
# Catch-all for plain HTTP: a request on port 80 whose Host matches no other
# server block is handled here.
# NOTE(review): this default_server only covers port 80. The 443 listener in
# this file has no default_server of its own, so its single server block also
# answers requests that arrive by bare IP or with any other Host header.
server {
    listen      80 default_server;
    server_name _;

    # 444 is nginx's non-standard "close the connection" status.
    # NOTE(review): confirm whether the text argument is ever delivered to the
    # client with this code, or whether a bare `return 444;` is what is meant.
    return 444 "No server is currently configured for the requested host." ;
}
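# TLS front end for Guacamole. This is the only server block listening on 443,
# so nginx also treats it as the implicit default for that port: requests that
# arrive by bare IP or with an unrelated Host header are answered here too.
server {
    listen 443 ssl;
    # The wildcard matches www.trainingserver1.com and other subdomains, but
    # not the bare name trainingserver1.com.
    server_name *.trainingserver1.com;

    # Certificate and key paths; the compose file's startup command writes a
    # self-signed pair to these locations, so clients cannot validate it
    # against a public CA.
    ssl_certificate /etc/nginx/ssl/self.cert;
    ssl_certificate_key /etc/nginx/ssl/self-ssl.key;

    # TLSv1 and TLSv1.1 were removed from the original list: both are formally
    # deprecated (RFC 8996). Only TLS 1.2 and 1.3 are offered.
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    # Forward-secret key exchange only. This list governs TLS 1.2; TLS 1.3
    # suites come from the TLS library's own defaults.
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_ecdh_curve secp384r1;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    # OCSP stapling is off, which is the only workable setting while the
    # certificate is self-signed (there is no responder to query).
    ssl_stapling off;
    ssl_stapling_verify off;
    # resolver 8.8.8.8 8.8.4.4 valid=300s;
    # resolver_timeout 5s;

    #charset koi8-r;
    #access_log /var/log/nginx/host.access.log main;

    # Everything under / is proxied to the guacamole container over plain HTTP
    # on the internal Docker network.
    location / {
        proxy_pass http://guacamole:8080;
        # Buffering off and HTTP/1.1 with the Upgrade/Connection headers passed
        # through are what let the WebSocket tunnel work through the proxy.
        proxy_buffering off;
        proxy_http_version 1.1;
        # $proxy_add_x_forwarded_for appends the client address to whatever
        # X-Forwarded-For the client already sent, so only the last entry is
        # written by this proxy; earlier entries are client-controlled.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_cookie_path /guacamole/ /;
        # NOTE(review): with access logging off here, the proxy keeps no
        # per-request record of who reached the remote-access gateway. Confirm
        # that Guacamole's own logs are sufficient as the audit trail.
        access_log off;

        # allow large uploads (default=1m)
        # 4096m = 4GByte
        # NOTE(review): the limit applies to every request under /, not only
        # file transfers; confirm 4 GB is really needed.
        client_max_body_size 4096m;
    }

    #error_page 404 /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
}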
Here is the nginx.conf file:
# Main nginx configuration: process-level settings, then the http context
# that pulls in the per-site files from conf.d.

# Worker processes run as the unprivileged nginx account.
user              nginx;
worker_processes  1;

# Only messages at "warn" severity and above reach the error log.
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    # The "main" format records the X-Forwarded-For request header verbatim;
    # that value is supplied by the client, so treat it as untrusted when
    # reading the logs.
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log main;

    sendfile           on;
    #tcp_nopush on;

    keepalive_timeout  65;

    #gzip on;

    # Site definitions: every *.conf in conf.d is loaded. The compose startup
    # command links mysite.template to default.conf so that it matches here.
    include /etc/nginx/conf.d/*.conf;
}
And lastly here is the docker-compose.yml that starts everything:
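# Two-container stack: nginx terminates TLS and proxies to Guacamole over a
# private bridge network. Only nginx publishes a port to the host.
version: '3'

networks:
  guacnetwork:
    driver: bridge

services:
  guacamole:
    # NOTE(review): no tag is given, so this resolves to whatever "latest" is
    # at pull time. Pin a tag or digest for reproducible deployments.
    image: oznu/guacamole
    container_name: guacamole
    volumes:
      - postgres:/config
    # The original listed "restart: always" twice in this service. Duplicate
    # mapping keys are invalid YAML (most parsers silently keep the last), so
    # only one is kept.
    restart: always
    networks:
      - guacnetwork
    # Reachable from other containers on guacnetwork only; not published to
    # the host.
    expose:
      - "8080"

  nginx:
    restart: always
    # NOTE(review): untagged image, same pinning concern as above.
    image: nginx
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
      # Read-only like nginx.conf: the startup command only symlinks to this
      # file, it never writes to it.
      - ./nginx/mysite.template:/etc/nginx/conf.d/mysite.template:ro
      # Must stay writable: the startup command writes the key and certificate
      # here. The private key is unencrypted (-nodes) and ends up in the host
      # directory ./nginx/ssl, so restrict that directory's permissions.
      - ./nginx/ssl:/etc/nginx/ssl
    # Only 443 is published (as host port 8443). The port-80 catch-all server
    # in mysite.template is therefore not reachable from outside the network.
    ports:
      - "8443:443"
    ## environment:
    ##   - NGINX_HOST=nginx
    ##   - NGINX_PORT=443
    # links is a legacy option; both services already share guacnetwork, which
    # provides name resolution for "guacamole".
    links:
      - guacamole
    networks:
      - guacnetwork
    # install openssl, create self-signed certificate and run nginx
    # NOTE(review): installing packages at container start makes every restart
    # depend on the package mirror and pulls whatever version is current;
    # building a small image with openssl already present is reproducible.
    # NOTE(review): a new key and certificate are generated on every start, and
    # the CN (www.createyourown.domain) does not match the server_name in
    # mysite.template, so clients see a name mismatch on top of the
    # self-signed warning. With no -days, openssl's default validity applies.
    # NOTE(review): "[email protected]" in -subj appears to be an e-mail
    # obfuscation artifact of the page this was copied from, not a valid
    # subject attribute; restore the original attribute before use.
    command: /bin/bash -c "apt-get -y update && apt-get -y install openssl && openssl req -nodes -newkey rsa:2048 -new -x509 -keyout /etc/nginx/ssl/self-ssl.key -out /etc/nginx/ssl/self.cert -subj '/C=DE/ST=BY/L=Hintertupfing/O=Dorfwirt/OU=Theke/CN=www.createyourown.domain/[email protected]' && cp -f -s /etc/nginx/conf.d/mysite.template /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'"

volumes:
  postgres:
    driver: local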
Edit:
Everything in the Nginx config turned out to be OK; this was a simple DNS record issue. Once the DNS record was fixed, the Nginx server was accessible at www.trainingserver1.com:8443.